I'm trying to understand a PowerShell command I've come across: "Host application= powershell -WindowStyle Hidden -Command Get-ItemProperty -Path ..." It seems to involve some registry values related to Acer software, and I'm not too familiar with PowerShell. Additionally, I've noticed strange phrases in the HKLM (like 'SoftwareAcerXSense') and I'm concerned since I've had multiple failed login attempts on my laptop recently. I had to input a specific code to access it, and I'm worried my malware protection isn't catching everything. I've even seen some suspicious programs in my task manager that don't seem to belong. I suspect someone may have remotely accessed my laptop before. Any insights on this command and advice on securing my system would be really helpful!
3 Answers
The command you're looking at is mostly pulling values related to Acer from the registry. It's typical for software to check for various properties like installed versions or serial numbers. Considering your concerns about failed logins and suspicious activity, it definitely sounds like your system might be compromised. You should definitely investigate further with tools like Process Explorer and TCPView to see what these weird processes are doing!
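As an added example (not code from any poster in this thread), the sketch below splits a logged "Host application" line into the launcher flags and the cmdlets it runs, so a reader can see that `-WindowStyle Hidden` only hides the window and that `Get-ItemProperty` reads the registry rather than changing it. The sample lines, the registry path placeholder, the `triage` and `resolve` names and the read-only verb list are assumptions made for illustration.

```python
import re

# Constructed sample modelled on the command quoted in the question. The registry
# path is a placeholder, because the post elides the real one.
SAMPLE = ("Host application= powershell -WindowStyle Hidden -Command "
          "Get-ItemProperty -Path 'HKLM:\\SOFTWARE\\ExampleVendor\\ExampleApp'")

# Launcher parameters of interest: full name -> whether a value follows it.
LAUNCHER = {"encodedcommand": True, "executionpolicy": True,
            "windowstyle": True, "noprofile": False, "command": True}
ALIASES = {"ec": "encodedcommand", "ep": "executionpolicy"}
# Verbs treated as read-only. This is a triage heuristic, not a guarantee.
READ_VERBS = {"get", "test", "select", "measure", "format"}


def resolve(token):
    """Map a possibly abbreviated parameter (-w, -enc) to its full name."""
    name = token.lstrip("-").lower()
    if not token.startswith("-") or not name:
        return None
    if name in ALIASES:
        return ALIASES[name]
    return next((full for full in LAUNCHER if full.startswith(name)), None)


def triage(line):
    """Split a logged command line into launcher flags and the cmdlets it runs."""
    cmd = line.split("=", 1)[1] if line.lower().startswith("host application") else line
    tokens = cmd.split()
    flags, script, i = {}, "", 1            # tokens[0] is the executable
    while i < len(tokens):
        full = resolve(tokens[i])
        if full == "encodedcommand":        # payload is Base64 and must be decoded first
            flags[full] = True
            break
        if full in (None, "command"):       # everything after this point is the script
            script = " ".join(tokens[i + (full == "command"):])
            break
        takes_value = LAUNCHER[full]
        flags[full] = tokens[i + 1].lower() if takes_value and i + 1 < len(tokens) else True
        i += 2 if takes_value else 1
    # Drop quoted strings so hyphens inside paths are not mistaken for cmdlets.
    bare = re.sub(r"'[^']*'|\"[^\"]*\"", " ", script)
    pairs = re.findall(r"\b([A-Za-z]+)-([A-Za-z]+)\b", bare)
    return {"flags": flags,
            "cmdlets": [f"{verb}-{noun}" for verb, noun in pairs],
            "hidden": flags.get("windowstyle") == "hidden",
            "read_only": bool(pairs) and all(v.lower() in READ_VERBS for v, _ in pairs)}


if __name__ == "__main__":
    print(triage(SAMPLE))
```

A line that comes back with `read_only` false or with `encodedcommand` set is the one worth a closer look.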
It sounds like you've been through a lot! Since you mentioned suspicious remote access, I'd really recommend backing up your important files and possibly wiping your system. Reinstalling Windows can be a bit of a hassle, but it might be the best way to ensure nothing malicious remains on your laptop. Also, consider tightening up your security with a good antivirus and maybe changing passwords, especially for sensitive accounts.
Definitely. Just make sure you back up everything critical and verify your backup is clean before you do the wipe.
To prevent this from happening again, keep your software updated and be cautious about what you install. Also, consider using a password manager and enabling two-factor authentication where possible. And if you suspect your phone might also be at risk, it could be wise to check that too or even get a new one if you're concerned about security breaches.
Yeah, I'm leaning towards a full wipe to feel secure. I just hope I don't lose too much in the process. Thanks for the advice!